• Registrarse
  • Iniciar sesión


  • Página 2 de 2 PrimeroPrimero 12
    Resultados 11 al 14 de 14

    Ayuda para limpiar amenazas (Solucionado)

    Mil Gracias Daniela!! Ahí te paso el log y te comento luego si anduvo todo ok. Fix result of Farbar Recovery Scan Tool (x64) Version: 02-11-2017 Ran by Juanqui (09-11-2017 15:19:51) Run:1 Running from C:\Users\Juanqui\Desktop ...

          
    1. #11
      Usuario Avatar de DieguinMT
      Registrado
      ago 2006
      Ubicación
      Argentina
      Mensajes
      10

      Re: Ayuda para limpiar amenazas

      Mil Gracias Daniela!! Ahí te paso el log y te comento luego si anduvo todo ok.

      Fix result of Farbar Recovery Scan Tool (x64) Version: 02-11-2017
      Ran by Juanqui (09-11-2017 15:19:51) Run:1
      Running from C:\Users\Juanqui\Desktop
      Loaded Profiles: Juanqui (Available Profiles: Juanqui)
      Boot Mode: Safe Mode (with Networking)
      ==============================================

      fixlist content:
      *****************
      Start
      CreateRestorePoint:
      CloseProcesses:

      HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
      HKU\S-1-5-21-3180147740-3525273052-2287761617-1000\...\Run: [uTorrent] => C:\Users\Juanqui\AppData\Roaming\uTorrent\uTorrent.exe [1982144 2017-09-28] (BitTorrent Inc.)
      HKU\S-1-5-21-3180147740-3525273052-2287761617-1000\...\MountPoints2: {ab0880e9-bd17-11e7-8209-e03f49a42cb4} - "F:\setup.exe"
      HKU\S-1-5-21-3180147740-3525273052-2287761617-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
      SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
      SearchScopes: HKU\S-1-5-21-3180147740-3525273052-2287761617-1000 -> {2039DD3E-4E72-4C20-90E7-9FD959AA7D06} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1
      FF ProfilePath: C:\Users\Juanqui\AppData\Roaming\Mozilla\Firefox\Profiles\acej28ex.default [not found] <==== ATTENTION
      FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
      FF Plugin HKU\S-1-5-21-3180147740-3525273052-2287761617-1000: ubisoft.com/uplaypc -> D:\Archivos de Programas\Trials Evolution\datapack\orbit\npuplaypc.dll [No File]
      CHR Extension: (No Name) - C:\Users\Juanqui\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-09-24]
      CHR Extension: (Avast Online Security) - C:\Users\Juanqui\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-11-22]
      CHR Extension: (Chrome Media Router) - C:\Users\Juanqui\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-11-22]
      CHR Profile: C:\Users\Juanqui\AppData\Local\Google\Chrome\User Data\shnospannupydernadom [2017-11-06] <==== ATTENTION
      CHR Extension: (Presentaciones) - C:\Users\Juanqui\AppData\Local\Google\Chrome\User Data\shnospannupydernadom\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
      CHR Extension: (Documentos) - C:\Users\Juanqui\AppData\Local\Google\Chrome\User Data\shnospannupydernadom\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
      CHR Extension: (Documentos de Google sin conexi�n) - C:\Users\Juanqui\AppData\Local\Google\Chrome\User Data\shnospannupydernadom\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
      CHR Extension: (Chrome Media Router) - C:\Users\Juanqui\AppData\Local\Google\Chrome\User Data\shnospannupydernadom\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-06]
      CHR HKU\S-1-5-21-3180147740-3525273052-2287761617-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
      CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
      CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
      U3 idsvc; no ImagePath
      2017-10-21 20:52 - 2017-10-21 20:53 - 000002536 _____ C:\WINDOWS\System32\Tasks\{489072A4-068F-4E9D-81A3-C84E1FA6EF01}
      2017-10-21 20:52 - 2017-10-21 20:53 - 000002514 _____ C:\WINDOWS\System32\Tasks\{DA784E38-AEDF-49F5-B59F-9EF7C232A4AD}
      2017-10-21 20:52 - 2017-10-21 20:53 - 000002442 _____ C:\WINDOWS\System32\Tasks\{6EF09A60-8425-4FBF-B38D-A42665FA938B}
      2017-10-21 20:52 - 2017-10-21 20:53 - 000002206 _____ C:\WINDOWS\System32\Tasks\{53781029-468B-4EAA-906B-77A812656402}
      2017-10-21 20:52 - 2017-10-21 20:53 - 000002200 _____ C:\WINDOWS\System32\Tasks\{747A9EA3-F8B3-4521-BCB1-36A9B8926968}
      ContextMenuHandlers1: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
      ContextMenuHandlers4: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
      ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
      Task: {048149CD-6DD6-47CC-8D56-5E826F4B1A7D} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
      Task: {55BA43E9-0A3E-4827-A9FD-78A28A2416DF} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
      Task: {58648941-4E02-4BE3-B45F-8C865C1E7DC3} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
      Task: {6BA7867B-037A-48C8-82D9-6322E2840312} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
      Task: {8C970DA7-2A03-4482-86C7-00276857DCD9} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
      Task: {9351CF6A-A304-40C8-B043-145DE5AB89A6} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
      Task: {A14FE1B4-B32F-46A5-BE0F-936783CB1800} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
      Task: {A2FF0194-3635-4761-A1E5-FBA6F986DECF} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
      Task: {B65EDD62-A4B1-4DE6-8CBA-7760FD5FD19A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
      Task: {BE845A6F-9F27-4F78-812B-5103FFB73530} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
      Task: {E00BDA62-EF65-4014-9554-8A54DD057072} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
      Task: {FD54698F-7BBB-46BD-A682-CBBA3E8072A7} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
      Task: {FD80B40E-1D99-4754-BF51-60F6B1890B28} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
      WMI_ActiveScriptEventConsumer_ASEC: <==== ATTENTION
      ShortcutWithArgument: C:\Users\Juanqui\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --load-extension="C:\Users\Juanqui\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk"
      ShortcutWithArgument: C:\Users\Juanqui\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --load-extension="C:\Users\Juanqui\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk"
      ShortcutWithArgument: C:\Users\Juanqui\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\76f9e4d33b60b312\Popcorn-Time.lnk -> C:\Users\Juanqui\AppData\Local\Popcorn-Time\Popcorn-Time.exe (The NWJS Community) -> --user-data-dir="C:\Users\Juanqui\AppData\Local\Popcorn-Time\User Data" --profile-directory=Default --app-id=hecfofbbdfadifpemejbbdcjmfmboohj
      ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --load-extension="C:\Users\Juanqui\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk"
      HKLM\...\StartupApproved\Run32: => " QQPCTray"

      CMD: ipconfig /flushdns
      CMD: ipconfig /renew
      CMD: bitsadmin /reset /allusers
      RemoveProxy:
      EmptyTemp:
      Hosts:
      end
      *****************

      Error: Restore point can only be created in normal mode.
      Processes closed successfully.
      HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully
      HKU\S-1-5-21-3180147740-3525273052-2287761617-1000\Software\Microsoft\Windows\CurrentVersion\Run\\uTorrent => value removed successfully
      HKU\S-1-5-21-3180147740-3525273052-2287761617-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ab0880e9-bd17-11e7-8209-e03f49a42cb4} => key removed successfully
      HKLM\Software\Classes\CLSID\{ab0880e9-bd17-11e7-8209-e03f49a42cb4} => key not found.
      HKU\S-1-5-21-3180147740-3525273052-2287761617-1000\SOFTWARE\Policies\Microsoft\Internet Explorer => key removed successfully
      HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} => key removed successfully
      HKLM\Software\Wow6432Node\Classes\CLSID\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} => key not found.
      HKU\S-1-5-21-3180147740-3525273052-2287761617-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2039DD3E-4E72-4C20-90E7-9FD959AA7D06} => key removed successfully
      HKLM\Software\Classes\CLSID\{2039DD3E-4E72-4C20-90E7-9FD959AA7D06} => key not found.
      C:\Users\Juanqui\AppData\Roaming\Mozilla\Firefox\Profiles\acej28ex.default => path removed successfully
      HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect => key removed successfully
      HKU\S-1-5-21-3180147740-3525273052-2287761617-1000\Software\MozillaPlugins\ubisoft.com/uplaypc => key removed successfully
      D:\Archivos de Programas\Trials Evolution\datapack\orbit\npuplaypc.dll => not found.
      CHR Extension: (No Name) - C:\Users\Juanqui\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-09-24] => Error: No automatic fix found for this entry.
      CHR Extension: (Avast Online Security) - C:\Users\Juanqui\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-11-22] => Error: No automatic fix found for this entry.
      CHR Extension: (Chrome Media Router) - C:\Users\Juanqui\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-11-22] => Error: No automatic fix found for this entry.
      C:\Users\Juanqui\AppData\Local\Google\Chrome\User Data\shnospannupydernadom => moved successfully
      CHR Extension: (Presentaciones) - C:\Users\Juanqui\AppData\Local\Google\Chrome\User Data\shnospannupydernadom\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12] => Error: No automatic fix found for this entry.
      CHR Extension: (Documentos) - C:\Users\Juanqui\AppData\Local\Google\Chrome\User Data\shnospannupydernadom\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12] => Error: No automatic fix found for this entry.
      CHR Extension: (Documentos de Google sin conexi�n) - C:\Users\Juanqui\AppData\Local\Google\Chrome\User Data\shnospannupydernadom\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15] => Error: No automatic fix found for this entry.
      CHR Extension: (Chrome Media Router) - C:\Users\Juanqui\AppData\Local\Google\Chrome\User Data\shnospannupydernadom\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-06] => Error: No automatic fix found for this entry.
      HKU\S-1-5-21-3180147740-3525273052-2287761617-1000\SOFTWARE\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj => key removed successfully
      HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck => key removed successfully
      HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki => key removed successfully
      HKLM\System\CurrentControlSet\Services\idsvc => key removed successfully
      idsvc => service removed successfully
      C:\WINDOWS\System32\Tasks\{489072A4-068F-4E9D-81A3-C84E1FA6EF01} => moved successfully
      C:\WINDOWS\System32\Tasks\{DA784E38-AEDF-49F5-B59F-9EF7C232A4AD} => moved successfully
      C:\WINDOWS\System32\Tasks\{6EF09A60-8425-4FBF-B38D-A42665FA938B} => moved successfully
      C:\WINDOWS\System32\Tasks\{53781029-468B-4EAA-906B-77A812656402} => moved successfully
      C:\WINDOWS\System32\Tasks\{747A9EA3-F8B3-4521-BCB1-36A9B8926968} => moved successfully
      HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\###MegaContextMenuExt => key removed successfully
      HKLM\Software\Classes\CLSID\{0229E5E7-09E9-45CF-9228-0228EC7D5F17} => key not found.
      HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\###MegaContextMenuExt => key removed successfully
      HKLM\Software\Classes\CLSID\{0229E5E7-09E9-45CF-9228-0228EC7D5F17} => key not found.
      HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\Gadgets => key removed successfully
      HKLM\Software\Classes\CLSID\{6B9228DA-9C15-419e-856C-19E768A13BDC} => key not found.
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{048149CD-6DD6-47CC-8D56-5E826F4B1A7D} => key removed successfully
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{048149CD-6DD6-47CC-8D56-5E826F4B1A7D} => key removed successfully
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => key removed successfully
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{55BA43E9-0A3E-4827-A9FD-78A28A2416DF} => key removed successfully
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{55BA43E9-0A3E-4827-A9FD-78A28A2416DF} => key removed successfully
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d => key removed successfully
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{58648941-4E02-4BE3-B45F-8C865C1E7DC3} => key removed successfully
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{58648941-4E02-4BE3-B45F-8C865C1E7DC3} => key removed successfully
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d => key removed successfully
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6BA7867B-037A-48C8-82D9-6322E2840312} => key removed successfully
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6BA7867B-037A-48C8-82D9-6322E2840312} => key removed successfully
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess => key removed successfully
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8C970DA7-2A03-4482-86C7-00276857DCD9} => key removed successfully
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8C970DA7-2A03-4482-86C7-00276857DCD9} => key removed successfully
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => key removed successfully
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9351CF6A-A304-40C8-B043-145DE5AB89A6} => key removed successfully
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9351CF6A-A304-40C8-B043-145DE5AB89A6} => key removed successfully
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => key removed successfully
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A14FE1B4-B32F-46A5-BE0F-936783CB1800} => key removed successfully
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A14FE1B4-B32F-46A5-BE0F-936783CB1800} => key removed successfully
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => key removed successfully
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A2FF0194-3635-4761-A1E5-FBA6F986DECF} => key removed successfully
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A2FF0194-3635-4761-A1E5-FBA6F986DECF} => key removed successfully
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d => key removed successfully
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B65EDD62-A4B1-4DE6-8CBA-7760FD5FD19A} => key removed successfully
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B65EDD62-A4B1-4DE6-8CBA-7760FD5FD19A} => key removed successfully
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d => key removed successfully
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{BE845A6F-9F27-4F78-812B-5103FFB73530} => key removed successfully
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BE845A6F-9F27-4F78-812B-5103FFB73530} => key removed successfully
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d => key removed successfully
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E00BDA62-EF65-4014-9554-8A54DD057072} => key removed successfully
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E00BDA62-EF65-4014-9554-8A54DD057072} => key removed successfully
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d => key removed successfully
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FD54698F-7BBB-46BD-A682-CBBA3E8072A7} => key removed successfully
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FD54698F-7BBB-46BD-A682-CBBA3E8072A7} => key removed successfully
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => key removed successfully
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FD80B40E-1D99-4754-BF51-60F6B1890B28} => key removed successfully
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FD80B40E-1D99-4754-BF51-60F6B1890B28} => key removed successfully
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent => key removed successfully
      WMI_ActiveScriptEventConsumer_ASEC: <==== ATTENTION => removed successfully
      C:\Users\Juanqui\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk => Shortcut argument removed successfully.
      C:\Users\Juanqui\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk => Shortcut argument removed successfully.
      C:\Users\Juanqui\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\76f9e4d33b60b312\Popcorn-Time.lnk => Shortcut argument removed successfully.
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk => Shortcut argument removed successfully.
      HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32\\ QQPCTray => value removed successfully
      HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ QQPCTray => value not found.

      ========= ipconfig /flushdns =========


      Configuraci¢n IP de Windows

      Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

      ========= End of CMD: =========


      ========= ipconfig /renew =========


      Configuraci¢n IP de Windows


      Adaptador de Ethernet Conexi¢n de *rea local:

      Sufijo DNS espec¡fico para la conexi¢n. . :
      V¡nculo: direcci¢n IPv6 local. . . : fe80::f0d3:55f:dcfc:3fbf%3
      Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.0.3
      M*scara de subred . . . . . . . . . . . . : 255.255.255.0
      Puerta de enlace predeterminada . . . . . : 192.168.0.1

      ========= End of CMD: =========


      ========= bitsadmin /reset /allusers =========


      BITSADMIN version 3.0
      BITS administration utility.
      (C) Copyright 2000-2006 Microsoft Corp.

      BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
      Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

      Unable to connect to BITS - 0x8007043c
      El servicio no puede iniciarse en modo a prueba de errores



      ========= End of CMD: =========


      ========= RemoveProxy: =========

      HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
      HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
      HKU\S-1-5-21-3180147740-3525273052-2287761617-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
      HKU\S-1-5-21-3180147740-3525273052-2287761617-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully


      ========= End of RemoveProxy: =========

      C:\Windows\System32\Drivers\etc\hosts => moved successfully
      Hosts restored successfully.

      =========== EmptyTemp: ==========

      BITS transfer queue => 7888896 B
      DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 49963050 B
      Java, Flash, Steam htmlcache => 92897920 B
      Windows/system/drivers => 12068 B
      Edge => 478 B
      Chrome => 109568 B
      Firefox => 0 B
      Opera => 0 B

      Temp, IE cache, history, cookies, recent:
      Default => 16674 B
      Users => 0 B
      ProgramData => 0 B
      Public => 0 B
      systemprofile => 128 B
      systemprofile32 => 128 B
      LocalService => 4982 B
      NetworkService => 14945768 B
      Juanqui => 86625117 B
      DefaultAppPool => 33058 B

      RecycleBin => 2616 B
      EmptyTemp: => 240.8 MB temporary data Removed.

      ================================


      The system needed a reboot.

      ==== End of Fixlog 15:20:31 ====

    2. #12
      Moderadora Gral.
      Avatar de @Daniela
      Registrado
      abr 2011
      Ubicación
      España
      Mensajes
      23.998

      Re: Ayuda para limpiar amenazas

      Hola

      De acuerdo, nos comentas como sigue el problema.

      Un saludo
      ✿◕‿◕✿ La impaciencia no es buena compañía ✿◕‿◕✿

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    3. #13
      Usuario Avatar de DieguinMT
      Registrado
      ago 2006
      Ubicación
      Argentina
      Mensajes
      10

      Re: Ayuda para limpiar amenazas

      Daniela, son una genia!! es lo mínimo que puedo decir. Quedó de maravilla. Nuevamente mil gracias!.

    4. #14
      Moderadora Gral.
      Avatar de @Daniela
      Registrado
      abr 2011
      Ubicación
      España
      Mensajes
      23.998

      Re: Ayuda para limpiar amenazas

      Hola DieguinMT

      Sigue estos pasos, para eliminar las herramientas utilizadas:


      • Utiliza de nuevo >> Descarga >> DelFix

        • Doble clic para ejecutarlo.(Si usas Windows Vista/7 u 8 presiona clic derecho y selecciona "Ejecutar como Administrador.")
        • Marca todas las casillas.

      • Pulsar en Run.

        Se abrirá el informe (DelFix.txt), revisa que se hayan eliminado las herramientas utilizadas.



      Gracias a ti por confiar en ForoSpyware. Ha sido un placer ayudarte

      Nos alegramos que se te haya resuelto Damos el tema por solucionado.


      Si deseas REABRIR ESTE TEMA presiona para reportarlo Como Reportar Mensajes?.

      Como recomendación final, te invitamos a seguirnos en nuestros canales de difusión: Blog, Twitter, Facebook, para estar al tanto de los nuevos malwares y cómo prevenirlos.
      *** Tema solucionado ***


      Un saludo
      ✿◕‿◕✿ La impaciencia no es buena compañía ✿◕‿◕✿

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    Página 2 de 2 PrimeroPrimero 12